Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/71f439-2b1b-4ef0-b6a5-8fcaa6936c6c/1/8n5-W507zN9G8-wWJ7J5SIFlYec.roa
File: 8n5-W507zN9G8-wWJ7J5SIFlYec.roa (raw, json)
Hash identifier: oGZl9kne7OfbnfF4gRCTnYvjnFOSOv6kojAJj6o0n94=
Subject key identifier: F2:7E:7E:5B:9D:3B:CC:DF:46:F3:EC:16:27:B2:79:48:81:65:61:E7
Certificate issuer: /CN=baaa64cd29c94ccde14448f61a172c763b1e4050
Certificate serial: 018FA082DFE80B7300E5015A4E1567D81B20
Authority key identifier: BA:AA:64:CD:29:C9:4C:CD:E1:44:48:F6:1A:17:2C:76:3B:1E:40:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uqpkzSnJTM3hREj2GhcsdjseQFA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/71f439-2b1b-4ef0-b6a5-8fcaa6936c6c/1/8n5-W507zN9G8-wWJ7J5SIFlYec.roa
Signing time: Wed 22 May 2024 13:34:42 +0000
ROA not before: Wed 22 May 2024 13:34:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30815
IP address blocks: 88.209.128.0/22 maxlen: 22
88.209.128.0/24 maxlen: 24
88.209.130.0/24 maxlen: 24
88.209.132.0/22 maxlen: 22
88.209.132.0/24 maxlen: 24
88.209.135.0/24 maxlen: 24
88.209.136.0/24 maxlen: 24
88.209.137.0/24 maxlen: 24
88.209.160.0/21 maxlen: 21
88.209.160.0/22 maxlen: 22
88.209.164.0/22 maxlen: 22
88.209.164.0/23 maxlen: 23
88.209.191.0/24 maxlen: 24
93.189.96.0/21 maxlen: 21
93.189.96.0/23 maxlen: 23
93.189.96.0/24 maxlen: 24
93.189.98.0/23 maxlen: 23
93.189.100.0/23 maxlen: 23
93.189.102.0/23 maxlen: 23
93.189.103.0/24 maxlen: 24
185.63.232.0/22 maxlen: 22
185.63.232.0/23 maxlen: 23
185.63.232.0/24 maxlen: 24
185.63.233.0/24 maxlen: 24
185.63.234.0/24 maxlen: 24
185.63.235.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/71/71f439-2b1b-4ef0-b6a5-8fcaa6936c6c/1/uqpkzSnJTM3hREj2GhcsdjseQFA.crl
rsync://rpki.ripe.net/repository/DEFAULT/71/71f439-2b1b-4ef0-b6a5-8fcaa6936c6c/1/uqpkzSnJTM3hREj2GhcsdjseQFA.mft
rsync://rpki.ripe.net/repository/DEFAULT/uqpkzSnJTM3hREj2GhcsdjseQFA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 24 Jun 2024 10:01:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:a0:82:df:e8:0b:73:00:e5:01:5a:4e:15:67:d8:1b:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=baaa64cd29c94ccde14448f61a172c763b1e4050
Validity
Not Before: May 22 13:34:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f27e7e5b9d3bccdf46f3ec1627b27948816561e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:d1:c6:41:59:26:c4:4e:ce:9f:11:c1:b2:f3:
59:ac:34:9e:b7:f1:07:5a:eb:ee:fb:c9:a3:ca:97:
79:ee:ff:e4:d2:8f:74:a4:de:af:ad:d9:f3:49:06:
5b:ea:cd:2e:a2:b1:61:b2:a3:09:4e:be:fd:7e:81:
4d:7b:bf:50:8b:1b:b4:1d:ea:ae:c5:f7:9c:94:dc:
a3:fe:78:8c:7d:f9:bd:53:f4:03:3e:8a:9c:2d:c5:
30:34:5c:10:17:32:a4:55:33:a3:e7:90:93:65:21:
38:6d:50:74:cc:3f:b7:6b:d7:22:a6:e8:4d:b1:e8:
00:21:7e:0b:c2:df:d3:d6:2c:01:98:8c:b5:f4:c3:
0c:06:72:95:08:85:62:13:6a:d2:00:f9:78:0e:72:
a2:a8:c8:72:18:13:1c:f4:ce:d4:20:ef:8e:88:cc:
a4:64:57:33:1d:02:d7:00:aa:85:12:65:28:88:7b:
67:9c:d2:78:18:77:2d:42:3a:1c:d9:2f:4c:4c:16:
46:2e:8f:e8:4e:0a:76:54:68:5d:8d:6c:80:02:25:
8e:46:04:cf:bd:e7:f9:7c:a7:e8:7d:56:da:83:ec:
81:56:47:26:6d:4b:51:67:bf:5c:64:e9:a5:aa:d5:
b3:0d:20:7e:05:5a:6c:a4:d1:46:17:b0:6f:69:b5:
ce:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:7E:7E:5B:9D:3B:CC:DF:46:F3:EC:16:27:B2:79:48:81:65:61:E7
X509v3 Authority Key Identifier:
keyid:BA:AA:64:CD:29:C9:4C:CD:E1:44:48:F6:1A:17:2C:76:3B:1E:40:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uqpkzSnJTM3hREj2GhcsdjseQFA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/71f439-2b1b-4ef0-b6a5-8fcaa6936c6c/1/8n5-W507zN9G8-wWJ7J5SIFlYec.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/71f439-2b1b-4ef0-b6a5-8fcaa6936c6c/1/uqpkzSnJTM3hREj2GhcsdjseQFA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.209.128.0-88.209.137.255
88.209.160.0/21
88.209.191.0/24
93.189.96.0/21
185.63.232.0/22
Signature Algorithm: sha256WithRSAEncryption
a1:15:89:56:cf:30:83:41:62:11:31:5c:35:1e:5a:a6:45:21:
f1:c7:db:3c:ae:bf:65:09:90:59:83:1e:ed:af:30:cc:c2:11:
35:7c:25:ba:0a:82:e7:32:07:99:ef:fe:14:af:95:d6:30:2b:
0a:a7:7e:c6:36:79:07:97:b1:d9:85:7d:6e:14:2a:f6:ab:39:
33:61:28:ae:70:89:7e:ca:e5:96:b3:b9:dd:b4:1f:22:35:56:
63:af:4b:bf:3a:a3:3c:4b:99:18:a8:e2:f9:28:95:ee:72:e9:
12:70:2d:94:1b:9b:37:f0:41:6e:39:ec:8b:97:52:27:71:4e:
a3:d1:8a:c7:72:24:f6:39:30:03:eb:f4:4e:2f:76:1e:6d:53:
82:e6:0f:84:42:7b:70:c9:8a:3b:88:d6:ba:33:6b:f8:ac:2d:
3b:5c:30:5c:b6:95:54:56:d5:5a:f5:d2:5a:c3:58:61:99:28:
70:88:29:b7:48:66:23:54:74:38:83:82:16:50:20:dc:4c:4d:
d3:9e:57:2c:13:d2:3c:50:94:b3:9c:13:6b:6f:4c:4c:cc:d2:
58:2d:e9:21:48:e2:fa:e7:5c:a4:64:c6:65:fb:49:a3:76:af:
8c:7d:7a:73:2b:56:1a:34:f0:77:11:de:17:e6:4d:73:d6:cd:
7e:db:02:1e
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAY+ggt/oC3MA5QFaThVn2BsgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhYWE2NGNkMjljOTRjY2RlMTQ0NDhmNjFhMTcyYzc2M2Ix
ZTQwNTAwHhcNMjQwNTIyMTMzNDQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjdlN2U1YjlkM2JjY2RmNDZmM2VjMTYyN2IyNzk0ODgxNjU2MWU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3tHGQVkmxE7OnxHBsvNZrDSet/EH
Wuvu+8mjypd57v/k0o90pN6vrdnzSQZb6s0uorFhsqMJTr79foFNe79Qixu0Hequ
xfeclNyj/niMffm9U/QDPoqcLcUwNFwQFzKkVTOj55CTZSE4bVB0zD+3a9cipuhN
segAIX4Lwt/T1iwBmIy19MMMBnKVCIViE2rSAPl4DnKiqMhyGBMc9M7UIO+OiMyk
ZFczHQLXAKqFEmUoiHtnnNJ4GHctQjoc2S9MTBZGLo/oTgp2VGhdjWyAAiWORgTP
vef5fKfofVbag+yBVkcmbUtRZ79cZOmlqtWzDSB+BVpspNFGF7BvabXOtQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFPJ+fludO8zfRvPsFieyeUiBZWHnMB8GA1UdIwQY
MBaAFLqqZM0pyUzN4URI9hoXLHY7HkBQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXFwa3pTbkpUTTNoUkVqMkdoY3NkanNlUUZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS83MWY0MzktMmIxYi00ZWYwLWI2YTUt
OGZjYWE2OTM2YzZjLzEvOG41LVc1MDd6TjlHOC13V0o3SjVTSUZsWWVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS83MWY0MzktMmIxYi00ZWYwLWI2YTUtOGZjYWE2OTM2YzZj
LzEvdXFwa3pTbkpUTTNoUkVqMkdoY3NkanNlUUZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmMAwDBAdY0YAD
BAFY0YgDBANY0aADBABY0b8DBANdvWADBAK5P+gwDQYJKoZIhvcNAQELBQADggEB
AKEViVbPMINBYhExXDUeWqZFIfHH2zyuv2UJkFmDHu2vMMzCETV8JboKgucyB5nv
/hSvldYwKwqnfsY2eQeXsdmFfW4UKvarOTNhKK5wiX7K5Zazud20HyI1VmOvS786
ozxLmRio4vkole5y6RJwLZQbmzfwQW457IuXUidxTqPRisdyJPY5MAPr9E4vdh5t
U4LmD4RCe3DJijuI1roza/isLTtcMFy2lVRW1Vr10lrDWGGZKHCIKbdIZiNUdDiD
ghZQINxMTdOeVywT0jxQlLOcE2tvTEzM0lgt6SFI4vrnXKRkxmX7SaN2r4x9enMr
Vho08HcR3hfmTXPWzX7bAh4=
-----END CERTIFICATE-----
Generated at Sun Jun 23 17:56:53 2024 by rpki-client on console-ams.rpki-client.org